[Mailman-Users] Modify options-login page
Michele Federle
mikecesure at gmail.com
Fri Jan 27 22:06:14 CET 2012
Thank you Mark, it works marvellously !!!
Thousand thanks again!!
2012/1/27 Mark Sapiro <mark at msapiro.net>
> Michele Federle wrote:
>
> >I've done it, but now there is a problem!!! In the options-page appears an
> >error:
> >
> >Bug in Mailman version 2.1.13
> >We're sorry, we hit a bug!
>
>
> You have made a mistake in modifying options.py. There will be an entry
> in Mailman's 'error' log from the above including a traceback and a
> Python error.
>
> If you can't figure out your mistake, post the traceback and error and
> your modified code.
>
> I suggest you copy/paste the code fragment directly from
> <http://mail.python.org/pipermail/mailman-users/2012-January/072811.html>.
>
>
> >2012/1/27 Mark Sapiro <mark at msapiro.net>
> >>
> >> If you really mean you would like an authentication failure from the
> >> options login page to return the list's listinfo page with an error
> >> message, that would be difficult to do because the listinfo page
> >> doesn't have a mechanism for reporting errors when invoked with an
> >> HTTP GET. And why would you want to take the user away from the login
> >> page just because of a simple typo in email address or password?
> >
> >
> >Just because I modified the html and I have both email and password inputs
> >for login in the listinfo page :)
> >So it would be better if users don't see the login form on the
> options-page,
> >it doesn't suit with the rest!!
>
>
> OK, but the web UI wasn't designed to work that way, so it's not easy
> to do.
>
>
> >>If you just want to replace the "Authentication failed." error message
> >> with something more specific, you could do that, but you would have to
> >> modify the code to first validate the member address, because the
> >> existing code calls the SecurityManager WebAuthenticate() method to
> >> authenticate the entry and it's context (list member, list owner, site
> >> owner) and receives onle a True or False return.
> >
> >
> >Oh, such a shame!! And make a simple redirect in case of login-error??
>
>
> If you want to have an options login failure go back to the listinfo
> page, you can make a similar modification to this code:
>
> if cgidata.has_key('password'):
> doc.addError(_('Authentication failed.'))
> # So as not to allow membership leakage, prompt for the
> email
> # address and the password here.
> if mlist.private_roster <> 0:
> syslog('mischief',
> 'Login failure with private rosters: %s',
> user)
> user = None
> # give an HTTP 401 for authentication failure
> print 'Status: 401 Unauthorized'
> loginpage(mlist, doc, user, language)
> print doc.Format()
> return
>
> changing it to something like:
>
> if cgidata.has_key('password'):
> doc.addError(_('Authentication failed.'))
> # So as not to allow membership leakage, prompt for the
> email
> # address and the password here.
> if mlist.private_roster <> 0:
> syslog('mischief',
> 'Login failure with private rosters: %s',
> user)
> user = None
> listinfo_url = '%slistinfo%s/%s' % (mlist.web_page_url,
> mm_cfg.CGIEXT,
> mlist.internal_name(),
> )
> print """Status: 303 See Other
> Location: %s
>
> If you see this, <a href=%s>Click to redirect</a>.
> """ % (listinfo_url, listinfo_url)
> return
>
>
> --
> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
>
>
--
:: Michele Federle
:: Twitter: @mikecesure
:: Skype: mikecesure
More information about the Mailman-Users
mailing list